en

Calculate an HMAC

Compute a file HMAC with a secret key (SHA-256/1/384/512 or MD5) - fully local in your browser; the file and key never leave your device.

Algorithm
  • SHA-256
  • SHA-1
  • SHA-384
  • SHA-512
  • MD5
Key

Your files

    Running locally on your device ...

    0%

    Your files never left your device

      Is my file uploaded?

      No. Everything runs in your browser - your file never leaves your device. How this is verifiable

      No upload100% local
      Your content stays with youno third-party access
      Servers in GermanyGDPR by design
      Independently auditedTLS A+ · HTTP headers A+

      An HMAC (keyed-hash message authentication code) is a checksum with a key: unlike a plain hash it proves not only that a file is unchanged, but also that it comes from someone who knows the same secret key. Only a holder of the key can reproduce the same value - which makes an HMAC suitable for confirming the authenticity and integrity of a file between two parties who agreed on a key beforehand.

      You pick the underlying hash function. SHA-256 is today’s standard and the right choice when nothing else is required. SHA-384 and SHA-512 give longer values from the same family; SHA-1 and MD5 are considered outdated and should only be used to match older systems. The key is entered as text and used as UTF-8 bytes - exactly like the command-line tools, so the result compares 1:1 with the value from openssl.

      The computation runs entirely locally in your browser via the native Web Crypto interface - nothing is uploaded, nothing is stored, and no foreign library is loaded from a CDN. That matters especially for an HMAC: both the file and the secret key stay on your device. The result appears as a text file in the format hex value followed by the file name, directly comparable with a value produced elsewhere.

      Specifications

      Specifications
      Output formatTXT
      Batch processingYes
      ProcessingLocally in your browser (JavaScript)
      File uploadNone

      In 3 steps

      1. Drop a file and enter a secret key.
      2. Pick the hash method (default: SHA-256).
      3. Read the HMAC and download it as a text file.

      Limitations: An HMAC ensures authenticity and integrity but does not encrypt anything - the file content stays readable. Its security rests entirely on the key: it must stay secret and be agreed over a secure channel. SHA-1 and MD5 are only meant for matching legacy systems, not for new security requirements.

      FAQ

      Are my file and key uploaded?

      No. Both stay local in the browser; the file and key never leave your device and are not stored.

      What is the difference from a normal checksum?

      A checksum only proves a file is unchanged. An HMAC additionally needs a secret key and thus also proves origin - only someone who knows the key can produce the value.

      Which method should I pick?

      When in doubt, SHA-256. SHA-384 or SHA-512 for longer values, SHA-1 or MD5 only to match older systems.

      Can I compare the result with OpenSSL?

      Yes. The output is in the same format as the command line and matches the hex value of openssl dgst with the -hmac option and the chosen method.

      Related tools